FROM centos:7

LABEL name="Percona Server for MongoDB" \
	release="4.0" \
	vendor="Percona" \
	summary="Percona Server for MongoDB is our free and open-source drop-in replacement for MongoDB Community Edition" \
	description="Percona Server for MongoDB is our free and open-source drop-in replacement for MongoDB Community Edition. It offers all the features and benefits of MongoDB Community Edition, plus additional enterprise-grade functionality." \
	maintainer="Percona Development <info@percona.com>"

# check repository package signature in secure way
RUN export GNUPGHOME="$(mktemp -d)" \
	&& gpg --keyserver pool.sks-keyservers.net --recv-keys 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A 6341AB2753D78A78A7C27BB124C6A8A7F4A80EB5 91E97D7C4A5E96F17F3E888F6A2FAEA2352C64E5 \
	&& gpg --export --armor 430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A > ${GNUPGHOME}/RPM-GPG-KEY-Percona \
	&& gpg --export --armor 6341AB2753D78A78A7C27BB124C6A8A7F4A80EB5 > ${GNUPGHOME}/RPM-GPG-KEY-CentOS-7 \
	&& gpg --export --armor 91E97D7C4A5E96F17F3E888F6A2FAEA2352C64E5 > ${GNUPGHOME}/RPM-GPG-KEY-EPEL-7 \
	&& rpmkeys --import ${GNUPGHOME}/RPM-GPG-KEY-Percona ${GNUPGHOME}/RPM-GPG-KEY-CentOS-7 ${GNUPGHOME}/RPM-GPG-KEY-EPEL-7 \
	&& curl -L -o /tmp/percona-release.rpm https://repo.percona.com/yum/percona-release-latest.noarch.rpm \
	&& rpmkeys --checksig /tmp/percona-release.rpm \
	&& rpm -i /tmp/percona-release.rpm \
	&& rm -rf "$GNUPGHOME" /tmp/percona-release.rpm \
	&& rpm --import /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY \
	&& percona-release enable psmdb-40 release

# install exact version for repeatability
ENV PERCONA_VERSION 4.0.12-6.el7
ENV K8S_TOOLS_VERSION 0.4.2

RUN curl -L -o /tmp/jq.rpm https://download.fedoraproject.org/pub/epel/7/x86_64/Packages/j/jq-1.5-1.el7.x86_64.rpm \
	&& curl -L -o /tmp/oniguruma.rpm https://download.fedoraproject.org/pub/epel/7/x86_64/Packages/o/oniguruma-5.9.5-3.el7.x86_64.rpm \
	&& rpmkeys --checksig /tmp/jq.rpm /tmp/oniguruma.rpm \
	&& rpm -i /tmp/jq.rpm /tmp/oniguruma.rpm \
	&& rm -rf /tmp/jq.rpm /tmp/oniguruma.rpm

RUN yum update -y \
	&& sed -i '/nodocs/d' /etc/yum.conf || : \
	&& yum install -y \
		percona-server-mongodb-mongos-${PERCONA_VERSION} \
		percona-server-mongodb-shell-${PERCONA_VERSION} \
		shadow-utils \
		curl \
        && repoquery -a --location \
               policycoreutils \
                   | xargs curl -L -o /tmp/policycoreutils.rpm \
        && repoquery -a --location \
               percona-server-mongodb-server-${PERCONA_VERSION} \
                   | xargs curl -L -o /tmp/percona-server-mongodb-server-${PERCONA_VERSION}.rpm \
        && rpm -iv /tmp/policycoreutils.rpm /tmp/percona-server-mongodb-server-${PERCONA_VERSION}.rpm --nodeps \
        && rm -rf /tmp/policycoreutils.rpm /tmp/percona-server-mongodb-server-${PERCONA_VERSION}.rpm \
        && yum clean all \
        && rm -rf /var/cache/yum /data/db  && mkdir -p /data/db \
        && chown -R 1001:0 /data/db

# the numeric UID is needed for OpenShift
RUN useradd -u 1001 -r -g 0 -s /sbin/nologin \
            -c "Default Application User" mongodb

COPY LICENSE /licenses/LICENSE.Dockerfile
RUN cp /usr/share/doc/percona-server-mongodb-server-$(echo ${PERCONA_VERSION} | cut -d - -f 1)/GNU-AGPL-3.0 /licenses/LICENSE.Percona-Server-for-MongoDB

ENV GOSU_VERSION=1.11
ENV GOSU_MD5SUM=0e98180d09e27e8385f4273d1c5bcffa
RUN curl -L -o /usr/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \
	&& chmod +x /usr/bin/gosu \
    && echo "${GOSU_MD5SUM} /usr/bin/gosu" | md5sum -c - \
    && curl -o /licenses/LICENSE.gosu \
		https://raw.githubusercontent.com/tianon/gosu/${GOSU_VERSION}/LICENSE

RUN curl -fSL https://github.com/percona/mongodb-orchestration-tools/releases/download/${K8S_TOOLS_VERSION}/k8s-mongodb-initiator -o /usr/local/bin/k8s-mongodb-initiator \
    && curl -fSL  https://github.com/percona/mongodb-orchestration-tools/releases/download/${K8S_TOOLS_VERSION}/mongodb-healthcheck -o /usr/local/bin/mongodb-healthcheck \
    && chmod 0755 /usr/local/bin/k8s-mongodb-initiator /usr/local/bin/mongodb-healthcheck

VOLUME ["/data/db"]

COPY ps-entry.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]

EXPOSE 27017

USER 1001

CMD ["mongod"]
